[SERVER-70172] Standardize auditing events without clients Created: 03/Oct/22  Updated: 05/Feb/24

Status: Backlog
Project: Core Server
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Improvement Priority: Major - P3
Reporter: Shreyas Kalyan Assignee: Backlog - Security Team
Resolution: Unresolved Votes: 0
Labels: neweng
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Assigned Teams:
Server Security
Sprint: Security 2024-02-05, Security 2024-02-19
Participants:

 Description   

When we trigger an event from a signal handler, we do not have a client. Because we have a constraint enforced in the AuditEvent class to ensure that the caller passes in a client, we have to create our own client and pass it to the AuditEvent constructor. Currently the only place we have this issue is in shutdown, where we have an audit event that can be triggered by a signal handler (Ctrl-C). In this case we create a client (possibly for other reasons) and we pass that client in for the audit log. Audit log rotation also has an audit event that can be triggered by a signal handler. Here it doesn’t pass in a client (nullptr) and instead puts an if check in to the AuditEvent class.

We should instead standardize a way of accepting audit events without a client.


Generated at Thu Feb 08 06:15:28 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.